I have seen several blog posts on how to unlock a BitLocker encrypted drive from Windows PE, using the recovery password stored in the Microsoft Bitlocker Administration and Monitoring (MBAM) SQL Server database. What's the problem with these solutions? All of these have one thing in common: they query the SQL database directly, requires changing SQL Server configuration and granting access to the database directly. Why is this a problem? Well, in my opinion this is a bad design approach, as the core purpose of implementing BitLocker volume encryption and MBAM is to secure our data from being compromised. By [...]